According to PANews, blockchain security platform Scam Sniffer has revealed that the phishing group Inferno Drainer has recently exploited the Ethereum EIP-7702 upgrade feature to carry out a new type of attack, resulting in a single loss of $150,000. EIP-7702 is a crucial part of the Pectra upgrade, allowing externally owned accounts (EOA) to temporarily act as smart contract wallets during transactions. Attackers have used authorized MetaMask wallets to perform bulk token transfer operations.
Yu Xian, founder of SlowMist Technology, highlighted that this attack signifies an upgrade in phishing strategies. Instead of directly hijacking wallets, attackers are now using the "execute" command to perform malicious bulk authorizations in the background. Security experts recommend users regularly check the status of token authorizations and verify whether their wallets have been maliciously delegated using tools like Etherscan.
